Scammy Tech Support Sites Now Serving Up Ransomware (csoonline.com) 43
itwbennett writes: One holds your files hostage, the other overcharges to fix nonexistent computer problems. And now they may be working together. On one scammy tech support site seen by Symantec, an iframe hidden on the page redirected to the Nuclear exploit kit, a popular one used to spread malware. What is unclear is whether the people running tech support scams are working with those who create and rent out the use of exploit kits and associated infrastructure or if the tech support websites have been compromised in order to redirect visitors to exploit kits. Either way, it could add up to a very big headache for anyone who falls for the scam.
People are people (Score:1)
People buy alarms for houses and cars and maintain them. People buy dogs and run out and get help training them.
Then there are the people that don't care about maintenance or learning how to maintain - and that's why a system that just restores factory fresh with the touch of a coupe of buttons is the best option for them.
Frankly, as having been the "go to" family member to fix this crap - after 20 years, I'm sorta glad that they just reset their stuff and leave me alone.
Re: (Score:1)
It would also make it super easy to check and make sure someone's not being like, a pedo or communist or a Jap sympathizer, and we all know that the only people who would ever encrypt their computers are criminals or enemies of the state.
Hell, we should just outlaw encryption entirely. It's double plus ungood to prevent law enforcement from looking at whatever they like at any time. Remember, the police are your friend!
(Offer does not apply to certain socioeconomic classes, void where prohibited, Anonymou
Re: (Score:2)
It would help law enforcement track criminals such as terrorists and those who orchestrate scams such as ransomware. If they couldn't communicate with unbreakable encryption, it would be much easier to bring these criminals to justice and it would keep all of us safer.
Yes but please be aware of the fact that so far there have been no cases where weak encryption would help, or strong encryption would hinder the terrorists. And in Paris, they apparently communicated through unencrypted SMS messages.
Backdoors could also be used to unencrypt data that criminals encrypted with ransomware, allowing victims to recover their data without paying exorbitant prices to criminals.
Unfortunately this would also allow criminal to unencrypt data that banks encrypted for their customers, or sensitive personal data that companies or government organizations are storing about people.
Imagine how bad things would get if terrorists or hostile governments got h
Re: (Score:2)
There are a couple of good reasons why all encryption should have backdoors. It would help law enforcement track criminals such as terrorists and those who orchestrate scams such as ransomware. If they couldn't communicate with unbreakable encryption, it would be much easier to bring these criminals to justice and it would keep all of us safer. Backdoors could also be used to unencrypt data that criminals encrypted with ransomware, allowing victims to recover their data without paying exorbitant prices to criminals. This is yet another good reason why all encryption should have backdoors that are available to the government.
Most trolling nowadays is just terrible. This one works because it has excellent grammar and is actually semi-believable. My compliments. This is how it's done.
Re: (Score:2)
Back doors eventually become front doors [schneier.com].
Re: (Score:1)
A hidden iframe redirects to the ransomware ... (Score:2)
Are you not allowed to tell us what Desktop Operating System platform this maware runs on.
Re: (Score:2)
You conveniently omitted the fact that Linux users are not terribly likely to run random binaries downloaded from questionable websites.
In fact I have. A very polite and helpful Indian gentleman phoned me recently and warned me that I had a virus - and kindly offered to remove it. I followed his instructions to the letter, including downloading something called "Team Viewer". I watched with interest as he then opened a command line session and did things I did not understand. I realised why software companies are out-sourcing to India as these guys are obviousy very clever with computers.
Afterwards I deleted that virtual machine imag
Re: (Score:2)
Why does it matter? There really isn't any reason why the OS is relevant here. [blah blah blah etc]
Calm down. A "Nuclear exploit kit" was mentioned. The GP asked what platform it ran on. Now can we have an answer?
There's ransomware that runs on Linux.
All the more reason to answer the question.
Neat... (Score:1)
The worthless Symantec link (Score:5, Informative)
Loading your Community Experience
Fuck your community experience, I just want to read the blog entry. Javascript required? No thanks.
Surprised? (Score:2)
Amazing. It's like you imagine the scam tech support criminals would draw the line at ransomware, and the ransomware criminals would find tech support scamming morally beyond the pale. And never the two shall meet!
They're criminals. Is it really such a surprise they will employ any method available to steal money from their victims?
Better acronym (Score:3)
The Symantec article uses the acronym PUA for "potentially unwanted application".
I wish they had used the word "software" instead of "application".
Scammers have day job at symantec (Score:1)